1. 14 11月, 2018 40 次提交
    • P
      netfilter: xt_nat: fix DNAT target for shifted portmap ranges · 703acc32
      Paolo Abeni 提交于
      [ Upstream commit cb20f2d2c0507d60d94ef896991e95708f051dd1 ]
      
      The commit 2eb0f624 ("netfilter: add NAT support for shifted
      portmap ranges") did not set the checkentry/destroy callbacks for
      the newly added DNAT target. As a result, rulesets using only
      such nat targets are not effective, as the relevant conntrack hooks
      are not enabled.
      The above affect also nft_compat rulesets.
      Fix the issue adding the missing initializers.
      
      Fixes: 2eb0f624 ("netfilter: add NAT support for shifted portmap ranges")
      Signed-off-by: NPaolo Abeni <pabeni@redhat.com>
      Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
      Signed-off-by: NSasha Levin <sashal@kernel.org>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      703acc32
    • W
      locking/lockdep: Fix debug_locks off performance problem · 117d5fbd
      Waiman Long 提交于
      [ Upstream commit 9506a7425b094d2f1d9c877ed5a78f416669269b ]
      
      It was found that when debug_locks was turned off because of a problem
      found by the lockdep code, the system performance could drop quite
      significantly when the lock_stat code was also configured into the
      kernel. For instance, parallel kernel build time on a 4-socket x86-64
      server nearly doubled.
      
      Further analysis into the cause of the slowdown traced back to the
      frequent call to debug_locks_off() from the __lock_acquired() function
      probably due to some inconsistent lockdep states with debug_locks
      off. The debug_locks_off() function did an unconditional atomic xchg
      to write a 0 value into debug_locks which had already been set to 0.
      This led to severe cacheline contention in the cacheline that held
      debug_locks.  As debug_locks is being referenced in quite a few different
      places in the kernel, this greatly slow down the system performance.
      
      To prevent that trashing of debug_locks cacheline, lock_acquired()
      and lock_contended() now checks the state of debug_locks before
      proceeding. The debug_locks_off() function is also modified to check
      debug_locks before calling __debug_locks_off().
      Signed-off-by: NWaiman Long <longman@redhat.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Will Deacon <will.deacon@arm.com>
      Link: http://lkml.kernel.org/r/1539913518-15598-1-git-send-email-longman@redhat.comSigned-off-by: NIngo Molnar <mingo@kernel.org>
      Signed-off-by: NSasha Levin <sashal@kernel.org>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      117d5fbd
    • E
      net: loopback: clear skb->tstamp before netif_rx() · 3fdf483b
      Eric Dumazet 提交于
      [ Upstream commit 4c16128b6271e70c8743178e90cccee147858503 ]
      
      At least UDP / TCP stacks can now cook skbs with a tstamp using
      MONOTONIC base (or arbitrary values with SCM_TXTIME)
      
      Since loopback driver does not call (directly or indirectly)
      skb_scrub_packet(), we need to clear skb->tstamp so that
      net_timestamp_check() can eventually resample the time,
      using ktime_get_real().
      
      Fixes: 80b14dee ("net: Add a new socket option for a future transmit time.")
      Fixes: fb420d5d91c1 ("tcp/fq: move back to CLOCK_MONOTONIC")
      Signed-off-by: NEric Dumazet <edumazet@google.com>
      Cc: Willem de Bruijn <willemb@google.com>
      Cc: Soheil Hassas Yeganeh <soheil@google.com>
      Acked-by: NSoheil Hassas Yeganeh <soheil@google.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      Signed-off-by: NSasha Levin <sashal@kernel.org>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      3fdf483b
    • M
      net: socionext: Reset tx queue in ndo_stop · cf5819b2
      Masahisa Kojima 提交于
      [ Upstream commit 8d5b0bf611ec5b7618d5b772dddc93b8afa78cb8 ]
      
      We observed that packets and bytes count are not reset
      when user performs interface down. Eventually, tx queue is
      exhausted and packets will not be sent out.
      To avoid this problem, resets tx queue in ndo_stop.
      
      Fixes: 533dd11a ("net: socionext: Add Synquacer NetSec driver")
      Signed-off-by: NMasahisa Kojima <masahisa.kojima@linaro.org>
      Signed-off-by: NYoshitoyo Osaki <osaki.yoshitoyo@socionext.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      Signed-off-by: NSasha Levin <sashal@kernel.org>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      cf5819b2
    • M
      ARM: dts: exynos: Disable pull control for MAX8997 interrupts on Origen · 3f8141b1
      Marek Szyprowski 提交于
      commit f5e758b8358f6c27e8a351ddf0b441a64cdabb94 upstream.
      
      PMIC_IRQB and PMIC_KEYINB lines on Exynos4210-based Origen board have
      external pull-up resistors, so disable any pull control for those lines
      in respective pin controller node. This fixes support for MAX8997
      interrupts and enables operation of wakeup from MAX8997 RTC alarm.
      Signed-off-by: NMarek Szyprowski <m.szyprowski@samsung.com>
      Fixes: 17419726 ("ARM: dts: add max8997 device node for exynos4210-origen board")
      Cc: <stable@vger.kernel.org>
      Signed-off-by: NKrzysztof Kozlowski <krzk@kernel.org>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      3f8141b1
    • D
      x86/numa_emulation: Fix uniform-split numa emulation · d9f91499
      Dave Jiang 提交于
      commit c6ee7a548e2c291398b4f32c1f741c66b9f98e1c upstream.
      
      The numa_emulation() routine in the 'uniform' case walks through all the
      physical 'memblk' instances and divides them into N emulated nodes with
      split_nodes_size_interleave_uniform(). As each physical node is consumed it
      is removed from the physical memblk array in the numa_remove_memblk_from()
      helper.
      
      Since split_nodes_size_interleave_uniform() handles advancing the array as
      the 'memblk' is consumed it is expected that the base of the array is
      always specified as the argument.
      
      Otherwise, on multi-socket (> 2) configurations the uniform-split
      capability can generate an invalid numa configuration leading to boot
      failures with signatures like the following:
      
          rcu: INFO: rcu_sched detected stalls on CPUs/tasks:
          Sending NMI from CPU 0 to CPUs 2:
          NMI backtrace for cpu 2
          CPU: 2 PID: 1332 Comm: pgdatinit0 Not tainted 4.19.0-rc8-next-20181019-baseline #59
          RIP: 0010:__init_single_page.isra.74+0x81/0x90
          [..]
          Call Trace:
           deferred_init_pages+0xaa/0xe3
           deferred_init_memmap+0x18f/0x318
           kthread+0xf8/0x130
           ? deferred_free_pages.isra.105+0xc9/0xc9
           ? kthread_stop+0x110/0x110
           ret_from_fork+0x35/0x40
      
      Fixes: 1f6a2c6d9f121 ("x86/numa_emulation: Introduce uniform split capability")
      Signed-off-by: NDave Jiang <dave.jiang@intel.com>
      Signed-off-by: NDan Williams <dan.j.williams@intel.com>
      Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
      Tested-by: NAlexander Duyck <alexander.h.duyck@linux.intel.com>
      Reviewed-by: NDave Hansen <dave.hansen@linux.intel.com>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: stable@vger.kernel.org
      Link: https://lkml.kernel.org/r/154049911459.2685845.9210186007479774286.stgit@dwillia2-desk3.amr.corp.intel.comSigned-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      d9f91499
    • S
      x86/mm/pat: Disable preemption around __flush_tlb_all() · e36453b6
      Sebastian Andrzej Siewior 提交于
      commit f77084d96355f5fba8e2c1fb3a51a393b1570de7 upstream.
      
      The WARN_ON_ONCE(__read_cr3() != build_cr3()) in switch_mm_irqs_off()
      triggers every once in a while during a snapshotted system upgrade.
      
      The warning triggers since commit decab088 ("x86/mm: Remove
      preempt_disable/enable() from __native_flush_tlb()"). The callchain is:
      
        get_page_from_freelist() -> post_alloc_hook() -> __kernel_map_pages()
      
      with CONFIG_DEBUG_PAGEALLOC enabled.
      
      Disable preemption during CR3 reset / __flush_tlb_all() and add a comment
      why preemption has to be disabled so it won't be removed accidentaly.
      
      Add another preemptible() check in __flush_tlb_all() to catch callers with
      enabled preemption when PGE is enabled, because PGE enabled does not
      trigger the warning in __native_flush_tlb(). Suggested by Andy Lutomirski.
      
      Fixes: decab088 ("x86/mm: Remove preempt_disable/enable() from __native_flush_tlb()")
      Signed-off-by: NSebastian Andrzej Siewior <bigeasy@linutronix.de>
      Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: stable@vger.kernel.org
      Link: https://lkml.kernel.org/r/20181017103432.zgv46nlu3hc7k4rq@linutronix.deSigned-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      e36453b6
    • V
      x86/kvm/nVMX: allow bare VMXON state migration · 97dc5051
      Vitaly Kuznetsov 提交于
      commit a1b0c1c64dfef0cff8555bb708bfc5d7c66c6ca4 upstream.
      
      It is perfectly valid for a guest to do VMXON and not do VMPTRLD. This
      state needs to be preserved on migration.
      
      Cc: stable@vger.kernel.org
      Fixes: 8fcc4b59Signed-off-by: NVitaly Kuznetsov <vkuznets@redhat.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      97dc5051
    • H
      x86/corruption-check: Fix panic in memory_corruption_check() when boot option... · 967afd9a
      He Zhe 提交于
      x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided
      
      commit ccde460b9ae5c2bd5e4742af0a7f623c2daad566 upstream.
      
      memory_corruption_check[{_period|_size}]()'s handlers do not check input
      argument before passing it to kstrtoul() or simple_strtoull(). The argument
      would be a NULL pointer if each of the kernel parameters, without its
      value, is set in command line and thus cause the following panic.
      
      PANIC: early exception 0xe3 IP 10:ffffffff73587c22 error 0 cr2 0x0
      [    0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.18-rc8+ #2
      [    0.000000] RIP: 0010:kstrtoull+0x2/0x10
      ...
      [    0.000000] Call Trace
      [    0.000000]  ? set_corruption_check+0x21/0x49
      [    0.000000]  ? do_early_param+0x4d/0x82
      [    0.000000]  ? parse_args+0x212/0x330
      [    0.000000]  ? rdinit_setup+0x26/0x26
      [    0.000000]  ? parse_early_options+0x20/0x23
      [    0.000000]  ? rdinit_setup+0x26/0x26
      [    0.000000]  ? parse_early_param+0x2d/0x39
      [    0.000000]  ? setup_arch+0x2f7/0xbf4
      [    0.000000]  ? start_kernel+0x5e/0x4c2
      [    0.000000]  ? load_ucode_bsp+0x113/0x12f
      [    0.000000]  ? secondary_startup_64+0xa5/0xb0
      
      This patch adds checks to prevent the panic.
      Signed-off-by: NHe Zhe <zhe.he@windriver.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: gregkh@linuxfoundation.org
      Cc: kstewart@linuxfoundation.org
      Cc: pombredanne@nexb.com
      Cc: stable@vger.kernel.org
      Link: http://lkml.kernel.org/r/1534260823-87917-1-git-send-email-zhe.he@windriver.comSigned-off-by: NIngo Molnar <mingo@kernel.org>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      
      967afd9a
    • J
      x86/xen: Fix boot loader version reported for PVH guests · 9f775ed2
      Juergen Gross 提交于
      commit 357d291ce035d1b757568058f3c9898c60d125b1 upstream.
      
      The boot loader version reported via sysfs is wrong in case of the
      kernel being booted via the Xen PVH boot entry. it should be 2.12
      (0x020c), but it is reported to be 2.18 (0x0212).
      
      As the current way to set the version is error prone use the more
      readable variant (2 << 8) | 12.
      Signed-off-by: NJuergen Gross <jgross@suse.com>
      Cc: <stable@vger.kernel.org> # 4.12
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: boris.ostrovsky@oracle.com
      Cc: bp@alien8.de
      Cc: corbet@lwn.net
      Cc: linux-doc@vger.kernel.org
      Cc: xen-devel@lists.xenproject.org
      Link: http://lkml.kernel.org/r/20181010061456.22238-2-jgross@suse.comSigned-off-by: NIngo Molnar <mingo@kernel.org>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      9f775ed2
    • J
      x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation · 233b9d7d
      Jiri Kosina 提交于
      commit 53c613fe6349994f023245519265999eed75957f upstream.
      
      STIBP is a feature provided by certain Intel ucodes / CPUs. This feature
      (once enabled) prevents cross-hyperthread control of decisions made by
      indirect branch predictors.
      
      Enable this feature if
      
      - the CPU is vulnerable to spectre v2
      - the CPU supports SMT and has SMT siblings online
      - spectre_v2 mitigation autoselection is enabled (default)
      
      After some previous discussion, this leaves STIBP on all the time, as wrmsr
      on crossing kernel boundary is a no-no. This could perhaps later be a bit
      more optimized (like disabling it in NOHZ, experiment with disabling it in
      idle, etc) if needed.
      
      Note that the synchronization of the mask manipulation via newly added
      spec_ctrl_mutex is currently not strictly needed, as the only updater is
      already being serialized by cpu_add_remove_lock, but let's make this a
      little bit more future-proof.
      Signed-off-by: NJiri Kosina <jkosina@suse.cz>
      Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Josh Poimboeuf <jpoimboe@redhat.com>
      Cc: Andrea Arcangeli <aarcange@redhat.com>
      Cc:  "WoodhouseDavid" <dwmw@amazon.co.uk>
      Cc: Andi Kleen <ak@linux.intel.com>
      Cc: Tim Chen <tim.c.chen@linux.intel.com>
      Cc:  "SchauflerCasey" <casey.schaufler@intel.com>
      Cc: stable@vger.kernel.org
      Link: https://lkml.kernel.org/r/nycvar.YFH.7.76.1809251438240.15880@cbobk.fhfr.pmSigned-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      233b9d7d
    • T
      ALSA: hda - Fix incorrect clearance of thinkpad_acpi hooks · 1e3430e2
      Takashi Iwai 提交于
      commit 5e93a125f521efd00d71af31c2a301f3d46af48c upstream.
      
      Since the commit c647f806 ("ALSA: hda - Allow multiple ADCs for
      mic mute LED controls") we allow enabling the mic mute LED with
      multiple ADCs.  The commit changed the function return value to be
      zero or a negative error, while this change was overlooked in the
      thinkpad_acpi helper code where it still expects a positive return
      value for success.  This eventually leads to a NULL dereference on a
      system that has only a mic mute LED.
      
      This patch corrects the return value check in the corresponding code
      as well.
      
      Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=201621
      Fixes: c647f806 ("ALSA: hda - Allow multiple ADCs for mic mute LED controls")
      Cc: <stable@vger.kernel.org>
      Signed-off-by: NTakashi Iwai <tiwai@suse.de>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      1e3430e2
    • A
      ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops · e3a6b6ed
      Alex Stanoev 提交于
      commit ac237c28d5ac1b241d58b1b7b4b9fa10efb22fb5 upstream.
      
      The Creative Audigy SE (SB0570) card currently exhibits an audible pop
      whenever playback is stopped or resumed, or during silent periods of an
      audio stream. Initialise the IZD bit to the 0 to eliminate these pops.
      
      The Infinite Zero Detection (IZD) feature on the DAC causes the output
      to be shunted to Vcap after 2048 samples of silence. This discharges the
      AC coupling capacitor through the output and causes the aforementioned
      pop/click noise.
      
      The behaviour of the IZD bit is described on page 15 of the WM8768GEDS
      datasheet: "With IZD=1, applying MUTE for 1024 consecutive input samples
      will cause all outputs to be connected directly to VCAP. This also
      happens if 2048 consecutive zero input samples are applied to all 6
      channels, and IZD=0. It will be removed as soon as any channel receives
      a non-zero input". I believe the second sentence might be referring to
      IZD=1 instead of IZD=0 given the observed behaviour of the card.
      
      This change should make the DAC initialisation consistent with
      Creative's Windows driver, as this popping persists when initialising
      the card in Linux and soft rebooting into Windows, but is not present on
      a cold boot to Windows.
      Signed-off-by: NAlex Stanoev <alex@astanoev.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: NTakashi Iwai <tiwai@suse.de>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      e3a6b6ed
    • H
      ALSA: hda: Add 2 more models to the power_save blacklist · 3e10f0f1
      Hans de Goede 提交于
      commit 5cb6b5fc013ee711d19bfc4e9deb8d6ae80741db upstream.
      
      Power-saving is causing plops on audio start/stop on Dell Precision T3600
      laptops and Intel DZ77BH boards, add these to the power_save blacklist.
      
      BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1525104Signed-off-by: NHans de Goede <hdegoede@redhat.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: NTakashi Iwai <tiwai@suse.de>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      3e10f0f1
    • J
      ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) · e989f4b3
      Jeremy Cline 提交于
      commit e7bb6ad5 upstream.
      
      The Lenovo G50-30, like other G50 models, has a Conexant codec that
      requires a quirk for its inverted stereo dmic.
      
      Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1249364Reported-by: NAlexander Ploumistos <alex.ploumistos@gmail.com>
      Tested-by: NAlexander Ploumistos <alex.ploumistos@gmail.com>
      Cc: stable@vger.kernel.org
      Signed-off-by: NJeremy Cline <jcline@redhat.com>
      Signed-off-by: NTakashi Iwai <tiwai@suse.de>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      e989f4b3
    • H
      ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 · 7ea3c763
      Hui Wang 提交于
      commit d06fb562bff5d14defdacbd92449bacbaedd5cdf upstream.
      
      The front MIC on the Lenovo M715 can't record sound, after applying
      the ALC294_FIXUP_LENOVO_MIC_LOCATION, the problem is fixed. So add
      the pin configuration of this machine to the pin quirk table.
      
      Cc: <stable@vger.kernel.org>
      Signed-off-by: NHui Wang <hui.wang@canonical.com>
      Signed-off-by: NTakashi Iwai <tiwai@suse.de>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      7ea3c763
    • T
      ALSA: hda - Fix headphone pin config for ASUS G751 · 4306ad59
      Takashi Iwai 提交于
      commit 5b7c5e1f4c36b99d0f694f38b9ad910f520cb7ef upstream.
      
      BIOS on ASUS G751 doesn't seem to map the headphone pin (NID 0x16)
      correctly.  Add a quirk to address it, as well as chaining to the
      previous fix for the microphone.
      Reported-by: NHåvard <hovardslill@gmail.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: NTakashi Iwai <tiwai@suse.de>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      4306ad59
    • T
      ALSA: hda - Add quirk for ASUS G751 laptop · 096cd55d
      Takashi Iwai 提交于
      commit 11ba6111160290ccd35562f4e05cec08942a6c4c upstream.
      
      ASUS G751 requires the extra COEF initialization to make it microphone
      working properly.
      Reported-and-tested-by: NHåvard <hovardslill@gmail.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: NTakashi Iwai <tiwai@suse.de>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      096cd55d
    • H
      parisc: Fix exported address of os_hpmc handler · e41a6afd
      Helge Deller 提交于
      commit 99a3ae51d557d8e38a7aece65678a31f9db215ee upstream.
      
      In the C-code we need to put the physical address of the hpmc handler in
      the interrupt vector table (IVA) in order to get HPMCs working.  Since
      on parisc64 function pointers are indirect (in fact they are function
      descriptors) we instead export the address as variable and not as
      function.
      
      This reverts a small part of commit f39cce65 ("parisc: Add
      cfi_startproc and cfi_endproc to assembly code").
      Signed-off-by: NHelge Deller <deller@gmx.de>
      Cc: <stable@vger.kernel.org>    [4.9+]
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      e41a6afd
    • H
      parisc: Fix map_pages() to not overwrite existing pte entries · 72f6b9c0
      Helge Deller 提交于
      commit 3c229b3f2dd8133f61bb81d3cb018be92f4bba39 upstream.
      
      Fix a long-existing small nasty bug in the map_pages() implementation which
      leads to overwriting already written pte entries with zero, *if* map_pages() is
      called a second time with an end address which isn't aligned on a pmd boundry.
      This happens for example if we want to remap only the text segment read/write
      in order to run alternative patching on the code. Exiting the loop when we
      reach the end address fixes this.
      
      Cc: stable@vger.kernel.org
      Signed-off-by: NHelge Deller <deller@gmx.de>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      72f6b9c0
    • J
      parisc: Fix address in HPMC IVA · dcfc4972
      John David Anglin 提交于
      commit 1138b6718ff74d2a934459643e3754423d23b5e2 upstream.
      
      Helge noticed that the address of the os_hpmc handler was not being
      correctly calculated in the hpmc macro.  As a result, PDCE_CHECK would
      fail to call os_hpmc:
      
      <Cpu2> e800009802e00000  0000000000000000  CC_ERR_CHECK_HPMC
      <Cpu2> 37000f7302e00000  8040004000000000  CC_ERR_CPU_CHECK_SUMMARY
      <Cpu2> f600105e02e00000  fffffff0f0c00000  CC_MC_HPMC_MONARCH_SELECTED
      <Cpu2> 140003b202e00000  000000000000000b  CC_ERR_HPMC_STATE_ENTRY
      <Cpu2> 5600100b02e00000  00000000000001a0  CC_MC_OS_HPMC_LEN_ERR
      <Cpu2> 5600106402e00000  fffffff0f0438e70  CC_MC_BR_TO_OS_HPMC_FAILED
      <Cpu2> e800009802e00000  0000000000000000  CC_ERR_CHECK_HPMC
      <Cpu2> 37000f7302e00000  8040004000000000  CC_ERR_CPU_CHECK_SUMMARY
      <Cpu2> 4000109f02e00000  0000000000000000  CC_MC_HPMC_INITIATED
      <Cpu2> 4000101902e00000  0000000000000000  CC_MC_MULTIPLE_HPMCS
      <Cpu2> 030010d502e00000  0000000000000000  CC_CPU_STOP
      
      The address problem can be seen by dumping the fault vector:
      
      0000000040159000 <fault_vector_20>:
          40159000:   63 6f 77 73     stb r15,-2447(dp)
          40159004:   20 63 61 6e     ldil L%b747000,r3
          40159008:   20 66 6c 79     ldil L%-1c3b3000,r3
              ...
          40159020:   08 00 02 40     nop
          40159024:   20 6e 60 02     ldil L%15d000,r3
          40159028:   34 63 00 00     ldo 0(r3),r3
          4015902c:   e8 60 c0 02     bv,n r0(r3)
          40159030:   08 00 02 40     nop
          40159034:   00 00 00 00     break 0,0
          40159038:   c0 00 70 00     bb,*< r0,sar,40159840 <fault_vector_20+0x840>
          4015903c:   00 00 00 00     break 0,0
      
      Location 40159038 should contain the physical address of os_hpmc:
      
      000000004015d000 <os_hpmc>:
          4015d000:   08 1a 02 43     copy r26,r3
          4015d004:   01 c0 08 a4     mfctl iva,r4
          4015d008:   48 85 00 68     ldw 34(r4),r5
      
      This patch moves the address setup into initialize_ivt to resolve the
      above problem.  I tested the change by dumping the HPMC entry after setup:
      
      0000000040209020:  8000240
      0000000040209024: 206a2004
      0000000040209028: 34630ac0
      000000004020902c: e860c002
      0000000040209030:  8000240
      0000000040209034: 1bdddce6
      0000000040209038:   15d000
      000000004020903c:      1a0
      Signed-off-by: NJohn David Anglin <dave.anglin@bell.net>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: NHelge Deller <deller@gmx.de>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      dcfc4972
    • D
      mailbox: PCC: handle parse error · 316f31f1
      David Arcari 提交于
      commit afd0b1fb22269f48d68fdf269891c653818c8047 upstream.
      
      acpi_pcc_probe() calls acpi_table_parse_entries_array() but fails
      to check for an error return.  This in turn can result in calling
      kcalloc() with a negative count as well as emitting the following
      misleading erorr message:
      
      [    2.642015] Could not allocate space for PCC mbox channels
      
      Fixes: 8f8027c5 (mailbox: PCC: erroneous error message when parsing ACPI PCCT)
      Signed-off-by: NDavid Arcari <darcari@redhat.com>
      Reviewed-by: NAl Stone <ahs3@redhat.com>
      Cc: 4.18+ <stable@vger.kernel.org> # 4.18+
      Signed-off-by: NRafael J. Wysocki <rafael.j.wysocki@intel.com>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      316f31f1
    • J
      ipmi: Fix timer race with module unload · 8e071518
      Jan Glauber 提交于
      commit 0711e8c1b4572d076264e71b0002d223f2666ed7 upstream.
      
      Please note that below oops is from an older kernel, but the same
      race seems to be present in the upstream kernel too.
      
      ---8<---
      
      The following panic was encountered during removing the ipmi_ssif
      module:
      
      [ 526.352555] Unable to handle kernel paging request at virtual address ffff000006923090
      [ 526.360464] Mem abort info:
      [ 526.363257] ESR = 0x86000007
      [ 526.366304] Exception class = IABT (current EL), IL = 32 bits
      [ 526.372221] SET = 0, FnV = 0
      [ 526.375269] EA = 0, S1PTW = 0
      [ 526.378405] swapper pgtable: 4k pages, 48-bit VAs, pgd = 000000008ae60416
      [ 526.385185] [ffff000006923090] *pgd=000000bffcffe803, *pud=000000bffcffd803, *pmd=0000009f4731a003, *pte=0000000000000000
      [ 526.396141] Internal error: Oops: 86000007 [#1] SMP
      [ 526.401008] Modules linked in: nls_iso8859_1 ipmi_devintf joydev input_leds ipmi_msghandler shpchp sch_fq_codel ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi ip_tables x_tables autofs4 btrfs zstd_compress raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear i2c_smbus hid_generic usbhid uas hid usb_storage ast aes_ce_blk i2c_algo_bit aes_ce_cipher qede ttm crc32_ce ptp crct10dif_ce drm_kms_helper ghash_ce syscopyarea sha2_ce sysfillrect sysimgblt pps_core fb_sys_fops sha256_arm64 sha1_ce mpt3sas qed drm raid_class ahci scsi_transport_sas libahci gpio_xlp i2c_xlp9xx aes_neon_bs aes_neon_blk crypto_simd cryptd aes_arm64 [last unloaded: ipmi_ssif]
      [ 526.468085] CPU: 125 PID: 0 Comm: swapper/125 Not tainted 4.15.0-35-generic #38~lp1775396+build.1
      [ 526.476942] Hardware name: To be filled by O.E.M. Saber/Saber, BIOS 0ACKL022 08/14/2018
      [ 526.484932] pstate: 00400009 (nzcv daif +PAN -UAO)
      [ 526.489713] pc : 0xffff000006923090
      [ 526.493198] lr : call_timer_fn+0x34/0x178
      [ 526.497194] sp : ffff000009b0bdd0
      [ 526.500496] x29: ffff000009b0bdd0 x28: 0000000000000082
      [ 526.505796] x27: 0000000000000002 x26: ffff000009515188
      [ 526.511096] x25: ffff000009515180 x24: ffff0000090f1018
      [ 526.516396] x23: ffff000009519660 x22: dead000000000200
      [ 526.521696] x21: ffff000006923090 x20: 0000000000000100
      [ 526.526995] x19: ffff809eeb466a40 x18: 0000000000000000
      [ 526.532295] x17: 000000000000000e x16: 0000000000000007
      [ 526.537594] x15: 0000000000000000 x14: 071c71c71c71c71c
      [ 526.542894] x13: 0000000000000000 x12: 0000000000000000
      [ 526.548193] x11: 0000000000000001 x10: ffff000009b0be88
      [ 526.553493] x9 : 0000000000000000 x8 : 0000000000000005
      [ 526.558793] x7 : ffff80befc1f8528 x6 : 0000000000000020
      [ 526.564092] x5 : 0000000000000040 x4 : 0000000020001b20
      [ 526.569392] x3 : 0000000000000000 x2 : ffff809eeb466a40
      [ 526.574692] x1 : ffff000006923090 x0 : ffff809eeb466a40
      [ 526.579992] Process swapper/125 (pid: 0, stack limit = 0x000000002eb50acc)
      [ 526.586854] Call trace:
      [ 526.589289] 0xffff000006923090
      [ 526.592419] expire_timers+0xc8/0x130
      [ 526.596070] run_timer_softirq+0xec/0x1b0
      [ 526.600070] __do_softirq+0x134/0x328
      [ 526.603726] irq_exit+0xc8/0xe0
      [ 526.606857] __handle_domain_irq+0x6c/0xc0
      [ 526.610941] gic_handle_irq+0x84/0x188
      [ 526.614679] el1_irq+0xe8/0x180
      [ 526.617822] cpuidle_enter_state+0xa0/0x328
      [ 526.621993] cpuidle_enter+0x34/0x48
      [ 526.625564] call_cpuidle+0x44/0x70
      [ 526.629040] do_idle+0x1b8/0x1f0
      [ 526.632256] cpu_startup_entry+0x2c/0x30
      [ 526.636174] secondary_start_kernel+0x11c/0x130
      [ 526.640694] Code: bad PC value
      [ 526.643800] ---[ end trace d020b0b8417c2498 ]---
      [ 526.648404] Kernel panic - not syncing: Fatal exception in interrupt
      [ 526.654778] SMP: stopping secondary CPUs
      [ 526.658734] Kernel Offset: disabled
      [ 526.662211] CPU features: 0x5800c38
      [ 526.665688] Memory Limit: none
      [ 526.668768] ---[ end Kernel panic - not syncing: Fatal exception in interrupt
      
      Prevent mod_timer from arming a timer that was already removed by
      del_timer during module unload.
      Signed-off-by: NJan Glauber <jglauber@cavium.com>
      Cc: <stable@vger.kernel.org> # 3.19
      Signed-off-by: NCorey Minyard <cminyard@mvista.com>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      8e071518
    • M
      kprobes/x86: Use preempt_enable() in optimized_callback() · b7e4138c
      Masami Hiramatsu 提交于
      commit 2e62024c265aa69315ed02835623740030435380 upstream.
      
      The following commit:
      
        a19b2e3d ("kprobes/x86: Remove IRQ disabling from ftrace-based/optimized kprobes”)
      
      removed local_irq_save/restore() from optimized_callback(), the handler
      might be interrupted by the rescheduling interrupt and might be
      rescheduled - so we must not use the preempt_enable_no_resched() macro.
      
      Use preempt_enable() instead, to not lose preemption events.
      
      [ mingo: Improved the changelog. ]
      Reported-by: NNadav Amit <namit@vmware.com>
      Signed-off-by: NMasami Hiramatsu <mhiramat@kernel.org>
      Acked-by: NPeter Zijlstra (Intel) <peterz@infradead.org>
      Cc: <stable@vger.kernel.org>
      Cc: Alexei Starovoitov <alexei.starovoitov@gmail.com>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: dwmw@amazon.co.uk
      Fixes: a19b2e3d ("kprobes/x86: Remove IRQ disabling from ftrace-based/optimized kprobes”)
      Link: http://lkml.kernel.org/r/154002887331.7627.10194920925792947001.stgit@devboxSigned-off-by: NIngo Molnar <mingo@kernel.org>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      b7e4138c
    • D
      acpi, nfit: Fix Address Range Scrub completion tracking · 96f81d51
      Dan Williams 提交于
      commit d3abaf43bab8d5b0a3c6b982100d9e2be96de4ad upstream.
      
      The Address Range Scrub implementation tried to skip running scrubs
      against ranges that were already scrubbed by the BIOS. Unfortunately
      that support also resulted in early scrub completions as evidenced by
      this debug output from nfit_test:
      
          nd_region region9: ARS: range 1 short complete
          nd_region region3: ARS: range 1 short complete
          nd_region region4: ARS: range 2 ARS start (0)
          nd_region region4: ARS: range 2 short complete
      
      ...i.e. completions without any indications that the scrub was started.
      
      This state of affairs was hard to see in the code due to the
      proliferation of state bits and mistakenly trying to track done state
      per-range when the completion is a global property of the bus.
      
      So, kill the four ARS state bits (ARS_REQ, ARS_REQ_REDO, ARS_DONE, and
      ARS_SHORT), and replace them with just 2 request flags ARS_REQ_SHORT and
      ARS_REQ_LONG. The implementation will still complete and reap the
      results of BIOS initiated ARS, but it will not attempt to use that
      information to affect the completion status of scrubbing the ranges from
      a Linux perspective.
      
      Instead, try to synchronously run a short ARS per range at init time and
      schedule a long scrub in the background. If ARS is busy with an ARS
      request, schedule both a short and a long scrub for when ARS returns to
      idle. This logic also satisfies the intent of what ARS_REQ_REDO was
      trying to achieve. The new rule is that the REQ flag stays set until the
      next successful ars_start() for that range.
      
      With the new policy that the REQ flags are not cleared until the next
      start, the implementation no longer loses requests as can be seen from
      the following log:
      
          nd_region region3: ARS: range 1 ARS start short (0)
          nd_region region9: ARS: range 1 ARS start short (0)
          nd_region region3: ARS: range 1 complete
          nd_region region4: ARS: range 2 ARS start short (0)
          nd_region region9: ARS: range 1 complete
          nd_region region9: ARS: range 1 ARS start long (0)
          nd_region region4: ARS: range 2 complete
          nd_region region3: ARS: range 1 ARS start long (0)
          nd_region region9: ARS: range 1 complete
          nd_region region3: ARS: range 1 complete
          nd_region region4: ARS: range 2 ARS start long (0)
          nd_region region4: ARS: range 2 complete
      
      ...note that the nfit_test emulated driver provides 2 buses, that is why
      some of the range indices are duplicated. Notice that each range
      now successfully completes a short and long scrub.
      
      Cc: <stable@vger.kernel.org>
      Fixes: 14c73f99 ("nfit, address-range-scrub: introduce nfit_spa->ars_state")
      Fixes: cc3d3458 ("acpi/nfit: queue issuing of ars when an uc error...")
      Reported-by: NJacek Zloch <jacek.zloch@intel.com>
      Reported-by: NKrzysztof Rusocki <krzysztof.rusocki@intel.com>
      Reviewed-by: NDave Jiang <dave.jiang@intel.com>
      Signed-off-by: NDan Williams <dan.j.williams@intel.com>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      96f81d51
    • E
      ACPICA: AML Parser: fix parse loop to correctly skip erroneous extended opcodes · 8badf7c3
      Erik Schmauss 提交于
      commit c64baa3a6fa207d112706bc5e7fd645cd8a8663f upstream.
      
      AML opcodes come in two lengths: 1-byte opcodes and 2-byte, extended opcodes.
      If an error occurs due to illegal opcodes during table load, the AML parser
      needs to continue loading the table. In order to do this, it needs to skip
      parsing of the offending opcode and operands associated with that opcode.
      
      This change fixes the AML parse loop to correctly skip parsing of incorrect
      extended opcodes. Previously, only the short opcodes were skipped correctly.
      Signed-off-by: NErik Schmauss <erik.schmauss@intel.com>
      Cc: All applicable <stable@vger.kernel.org>
      Signed-off-by: NRafael J. Wysocki <rafael.j.wysocki@intel.com>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      8badf7c3
    • E
      ACPICA: AML interpreter: add region addresses in global list during initialization · 22083c02
      Erik Schmauss 提交于
      commit 4abb951b73ff0a8a979113ef185651aa3c8da19b upstream.
      
      The table load process omitted adding the operation region address
      range to the global list. This omission is problematic because the OS
      queries the global list to check for address range conflicts before
      deciding which drivers to load. This commit may result in warning
      messages that look like the following:
      
      [    7.871761] ACPI Warning: system_IO range 0x00000428-0x0000042F conflicts with op_region 0x00000400-0x0000047F (\PMIO) (20180531/utaddress-213)
      [    7.871769] ACPI: If an ACPI driver is available for this device, you should use it instead of the native driver
      
      However, these messages do not signify regressions. It is a result of
      properly adding address ranges within the global address list.
      
      Link: https://bugzilla.kernel.org/show_bug.cgi?id=200011Tested-by: NJean-Marc Lenoir <archlinux@jihemel.com>
      Signed-off-by: NErik Schmauss <erik.schmauss@intel.com>
      Cc: All applicable <stable@vger.kernel.org>
      Signed-off-by: NRafael J. Wysocki <rafael.j.wysocki@intel.com>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      22083c02
    • B
      ACPI / OSL: Use 'jiffies' as the time bassis for acpi_os_get_timer() · a3b026a3
      Bart Van Assche 提交于
      commit 83b2348e2755db48fa8f40fdb791f366fabc0ba0 upstream.
      
      Since acpi_os_get_timer() may be called after the timer subsystem has
      been suspended, use the jiffies counter instead of ktime_get(). This
      patch avoids that the following warning is reported during hibernation:
      
      WARNING: CPU: 0 PID: 612 at kernel/time/timekeeping.c:751 ktime_get+0x116/0x120
      RIP: 0010:ktime_get+0x116/0x120
      Call Trace:
       acpi_os_get_timer+0xe/0x30
       acpi_ds_exec_begin_control_op+0x175/0x1de
       acpi_ds_exec_begin_op+0x2c7/0x39a
       acpi_ps_create_op+0x573/0x5e4
       acpi_ps_parse_loop+0x349/0x1220
       acpi_ps_parse_aml+0x25b/0x6da
       acpi_ps_execute_method+0x327/0x41b
       acpi_ns_evaluate+0x4e9/0x6f5
       acpi_ut_evaluate_object+0xd9/0x2f2
       acpi_rs_get_method_data+0x8f/0x114
       acpi_walk_resources+0x122/0x1b6
       acpi_pci_link_get_current.isra.2+0x157/0x280
       acpi_pci_link_set+0x32f/0x4a0
       irqrouter_resume+0x58/0x80
       syscore_resume+0x84/0x380
       hibernation_snapshot+0x20c/0x4f0
       hibernate+0x22d/0x3a6
       state_store+0x99/0xa0
       kobj_attr_store+0x37/0x50
       sysfs_kf_write+0x87/0xa0
       kernfs_fop_write+0x1a5/0x240
       __vfs_write+0xd2/0x410
       vfs_write+0x101/0x250
       ksys_write+0xab/0x120
       __x64_sys_write+0x43/0x50
       do_syscall_64+0x71/0x220
       entry_SYSCALL_64_after_hwframe+0x49/0xbe
      
      Fixes: 164a08ce (ACPICA: Dispatcher: Introduce timeout mechanism for infinite loop detection)
      Reported-by: NFengguang Wu <fengguang.wu@intel.com>
      References: https://lists.01.org/pipermail/lkp/2018-April/008406.htmlSigned-off-by: NBart Van Assche <bvanassche@acm.org>
      Cc: 4.16+ <stable@vger.kernel.org> # 4.16+
      Signed-off-by: NRafael J. Wysocki <rafael.j.wysocki@intel.com>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      a3b026a3
    • M
      pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges · e792b324
      Maciej S. Szmigiero 提交于
      commit 95691e3eddc41da2d1cd3cca51fecdfb46bd85bc upstream.
      
      Currently, "disable_clkrun" yenta_socket module parameter is only
      implemented for TI CardBus bridges.
      Add also an implementation for Ricoh bridges that have the necessary
      setting documented in publicly available datasheets.
      
      Tested on a RL5C476II with a Sunrich C-160 CardBus NIC that doesn't work
      correctly unless the CLKRUN protocol is disabled.
      
      Let's also make it clear in its description that the "disable_clkrun"
      module parameter only works on these two previously mentioned brands of
      CardBus bridges.
      Signed-off-by: NMaciej S. Szmigiero <mail@maciej.szmigiero.name>
      Cc: stable@vger.kernel.org
      Signed-off-by: NDominik Brodowski <linux@dominikbrodowski.net>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      e792b324
    • H
      dma-mapping: fix panic caused by passing empty cma command line argument · 953983cb
      He Zhe 提交于
      commit a3ceed87 upstream.
      
      early_cma does not check input argument before passing it to
      simple_strtoull. The argument would be a NULL pointer if "cma", without
      its value, is set in command line and thus causes the following panic.
      
      PANIC: early exception 0xe3 IP 10:ffffffffa3e9db8d error 0 cr2 0x0
      [    0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.19.0-rc3-yocto-standard+ #7
      [    0.000000] RIP: 0010:_parse_integer_fixup_radix+0xd/0x70
      ...
      [    0.000000] Call Trace:
      [    0.000000]  simple_strtoull+0x29/0x70
      [    0.000000]  memparse+0x26/0x90
      [    0.000000]  early_cma+0x17/0x6a
      [    0.000000]  do_early_param+0x57/0x8e
      [    0.000000]  parse_args+0x208/0x320
      [    0.000000]  ? rdinit_setup+0x30/0x30
      [    0.000000]  parse_early_options+0x29/0x2d
      [    0.000000]  ? rdinit_setup+0x30/0x30
      [    0.000000]  parse_early_param+0x36/0x4d
      [    0.000000]  setup_arch+0x336/0x99e
      [    0.000000]  start_kernel+0x6f/0x4e6
      [    0.000000]  x86_64_start_reservations+0x24/0x26
      [    0.000000]  x86_64_start_kernel+0x6f/0x72
      [    0.000000]  secondary_startup_64+0xa4/0xb0
      
      This patch adds a check to prevent the panic.
      Signed-off-by: NHe Zhe <zhe.he@windriver.com>
      Reviewed-by: NMarek Szyprowski <m.szyprowski@samsung.com>
      Cc: stable@vger.kernel.org
      Signed-off-by: NChristoph Hellwig <hch@lst.de>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      953983cb
    • R
      cpufreq: conservative: Take limits changes into account properly · 2037da5c
      Rafael J. Wysocki 提交于
      commit da5e79bc70b84971d2b3a55fb252e34e51d81d48 upstream.
      
      If the policy limits change between invocations of cs_dbs_update(),
      the requested frequency value stored in dbs_info may not be updated
      and the function may use a stale value of it next time.  Moreover, if
      idle periods are takem into account by cs_dbs_update(), the requested
      frequency value stored in dbs_info may be below the min policy limit,
      which is incorrect.
      
      To fix these problems, always update the requested frequency value
      in dbs_info along with the local copy of it when the previous
      requested frequency is beyond the policy limits and avoid decreasing
      the requested frequency below the min policy limit when taking
      idle periods into account.
      
      Fixes: abb66279 (cpufreq: conservative: Fix next frequency selection)
      Fixes: 00bfe058 (cpufreq: conservative: Decrease frequency faster for deferred updates)
      Reported-by: NWaldemar Rymarkiewicz <waldemarx.rymarkiewicz@intel.com>
      Cc: All applicable <stable@vger.kernel.org>
      Signed-off-by: NRafael J. Wysocki <rafael.j.wysocki@intel.com>
      Acked-by: NWaldemar Rymarkiewicz <waldemarx.rymarkiewicz@intel.com>
      Acked-by: NViresh Kumar <viresh.kumar@linaro.org>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      2037da5c
    • M
      block: make sure writesame bio is aligned with logical block size · 1ea5c403
      Ming Lei 提交于
      commit 34ffec60b27aa81d04e274e71e4c6ef740f75fc7 upstream.
      
      Obviously the created writesame bio has to be aligned with logical block
      size, and use bio_allowed_max_sectors() to retrieve this number.
      
      Cc: stable@vger.kernel.org
      Cc: Mike Snitzer <snitzer@redhat.com>
      Cc: Christoph Hellwig <hch@lst.de>
      Cc: Xiao Ni <xni@redhat.com>
      Cc: Mariusz Dabrowski <mariusz.dabrowski@intel.com>
      Fixes: b49a0871 ("block: remove split code in blkdev_issue_{discard,write_same}")
      Tested-by: NRui Salvaterra <rsalvaterra@gmail.com>
      Signed-off-by: NMing Lei <ming.lei@redhat.com>
      Signed-off-by: NJens Axboe <axboe@kernel.dk>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      1ea5c403
    • M
      block: make sure discard bio is aligned with logical block size · 14657efd
      Ming Lei 提交于
      commit 1adfc5e4 upstream.
      
      Obviously the created discard bio has to be aligned with logical block size.
      
      This patch introduces the helper of bio_allowed_max_sectors() for
      this purpose.
      
      Cc: stable@vger.kernel.org
      Cc: Mike Snitzer <snitzer@redhat.com>
      Cc: Christoph Hellwig <hch@lst.de>
      Cc: Xiao Ni <xni@redhat.com>
      Cc: Mariusz Dabrowski <mariusz.dabrowski@intel.com>
      Fixes: 744889b7 ("block: don't deal with discard limit in blkdev_issue_discard()")
      Fixes: a22c4d7e ("block: re-add discard_granularity and alignment checks")
      Reported-by: NRui Salvaterra <rsalvaterra@gmail.com>
      Tested-by: NRui Salvaterra <rsalvaterra@gmail.com>
      Signed-off-by: NMing Lei <ming.lei@redhat.com>
      Signed-off-by: NJens Axboe <axboe@kernel.dk>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      14657efd
    • J
      block: setup bounce bio_sets properly · cf8d0973
      Jens Axboe 提交于
      commit 52990a5f upstream.
      
      We're only setting up the bounce bio sets if we happen
      to need bouncing for regular HIGHMEM, not if we only need
      it for ISA devices.
      
      Protect the ISA bounce setup with a mutex, since it's
      being invoked from driver init functions and can thus be
      called in parallel.
      
      Cc: stable@vger.kernel.org
      Reported-by: NOndrej Zary <linux@rainbow-software.org>
      Tested-by: NOndrej Zary <linux@rainbow-software.org>
      Signed-off-by: NJens Axboe <axboe@kernel.dk>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      cf8d0973
    • H
      jffs2: free jffs2_sb_info through jffs2_kill_sb() · f5f578eb
      Hou Tao 提交于
      commit 92e2921f7eee63450a5f953f4b15dc6210219430 upstream.
      
      When an invalid mount option is passed to jffs2, jffs2_parse_options()
      will fail and jffs2_sb_info will be freed, but then jffs2_sb_info will
      be used (use-after-free) and freeed (double-free) in jffs2_kill_sb().
      
      Fix it by removing the buggy invocation of kfree() when getting invalid
      mount options.
      
      Fixes: 92abc475 ("jffs2: implement mount option parsing and compression overriding")
      Cc: stable@kernel.org
      Signed-off-by: NHou Tao <houtao1@huawei.com>
      Reviewed-by: NRichard Weinberger <richard@nod.at>
      Signed-off-by: NBoris Brezillon <boris.brezillon@bootlin.com>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      f5f578eb
    • D
      hwmon: (pmbus) Fix page count auto-detection. · 43cba96d
      Dmitry Bazhenov 提交于
      commit e7c6a55606b5c46b449d76588968b4d8caae903f upstream.
      
      Devices with compatible="pmbus" field have zero initial page count,
      and pmbus_clear_faults() being called before the page count auto-
      detection does not actually clear faults because it depends on the
      page count. Non-cleared faults in its turn may fail the subsequent
      page count auto-detection.
      
      This patch fixes this problem by calling pmbus_clear_fault_page()
      for currently set page and calling pmbus_clear_faults() after the
      page count was detected.
      
      Cc: stable@vger.kernel.org
      Signed-off-by: NDmitry Bazhenov <bazhenov.dn@gmail.com>
      Signed-off-by: NGuenter Roeck <linux@roeck-us.net>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      43cba96d
    • T
      bcache: fix miss key refill->end in writeback · e52ad8e0
      Tang Junhui 提交于
      commit 2d6cb6edd2c7fb4f40998895bda45006281b1ac5 upstream.
      
      refill->end record the last key of writeback, for example, at the first
      time, keys (1,128K) to (1,1024K) are flush to the backend device, but
      the end key (1,1024K) is not included, since the bellow code:
      	if (bkey_cmp(k, refill->end) >= 0) {
      		ret = MAP_DONE;
      		goto out;
      	}
      And in the next time when we refill writeback keybuf again, we searched
      key start from (1,1024K), and got a key bigger than it, so the key
      (1,1024K) missed.
      This patch modify the above code, and let the end key to be included to
      the writeback key buffer.
      Signed-off-by: NTang Junhui <tang.junhui.linux@gmail.com>
      Cc: stable@vger.kernel.org
      Signed-off-by: NColy Li <colyli@suse.de>
      Signed-off-by: NJens Axboe <axboe@kernel.dk>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      e52ad8e0
    • T
      bcache: correct dirty data statistics · 9e9f19ef
      Tang Junhui 提交于
      commit 2e17a262a2371d38d2ec03614a2675a32cef9912 upstream.
      
      When bcache device is clean, dirty keys may still exist after
      journal replay, so we need to count these dirty keys even
      device in clean status, otherwise after writeback, the amount
      of dirty data would be incorrect.
      Signed-off-by: NTang Junhui <tang.junhui.linux@gmail.com>
      Cc: stable@vger.kernel.org
      Signed-off-by: NColy Li <colyli@suse.de>
      Signed-off-by: NJens Axboe <axboe@kernel.dk>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      9e9f19ef
    • T
      bcache: fix ioctl in flash device · 32870e2b
      Tang Junhui 提交于
      commit dd0c9179 upstream.
      
      When doing ioctl in flash device, it will call ioctl_dev() in super.c,
      then we should not to get cached device since flash only device has
      no backend device. This patch just move the jugement dc->io_disable
      to cached_dev_ioctl() to make ioctl in flash device correctly.
      
      Fixes: 0f0709e6 ("bcache: stop bcache device when backing device is offline")
      Signed-off-by: NTang Junhui <tang.junhui.linux@gmail.com>
      Cc: stable@vger.kernel.org
      Signed-off-by: NColy Li <colyli@suse.de>
      Signed-off-by: NJens Axboe <axboe@kernel.dk>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      32870e2b
    • T
      bcache: trace missed reading by cache_missed · fec039ec
      Tang Junhui 提交于
      commit 502b2915 upstream.
      
      Missed reading IOs are identified by s->cache_missed, not the
      s->cache_miss, so in trace_bcache_read() using trace_bcache_read
      to identify whether the IO is missed or not.
      Signed-off-by: NTang Junhui <tang.junhui.linux@gmail.com>
      Cc: stable@vger.kernel.org
      Signed-off-by: NColy Li <colyli@suse.de>
      Signed-off-by: NJens Axboe <axboe@kernel.dk>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      fec039ec